netflix.bariscancifci.com Open in urlscan Pro
2606:4700:3032::6815:4c21  Malicious Activity! Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
6 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response netflix.bariscancifci.com/	5 KB 2 KB	265ms 239ms	Document text/html	2606:4700:3032::6815:4c21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4c21 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30a037508e0f32ee85b1b723170a685508005e7051713610fda56bcfd0181917 Request headers :method GET :authority netflix.bariscancifci.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT content-type text/html set-cookie __cfduid=d6c04477f02d2517a8ea6c5a91a44f6fc1613949733; expires=Tue, 23-Mar-21 23:22:13 GMT; path=/; domain=.bariscancifci.com; HttpOnly; SameSite=Lax; Secure last-modified Sun, 21 Feb 2021 18:27:28 GMT vary Accept-Encoding x-turbo-charged-by LiteSpeed cf-cache-status DYNAMIC cf-request-id 08687fa1070000074a9fb8f000000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7EEKGnI9UZ2m9ThcmIKEyfnhbx9ssxopibmbH0%2BV4Ew6IJREP%2FrTkR%2FlKWZ%2F5GurxvSuJOaMByQUJwJwcZ9J4nV4a97aaowK9rtuiVB7FGzCBEI4NzFdDx3fYkgr6Cm4A6GqodHD"}],"max_age":604800} nel {"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 625435480d57074a-FRA content-encoding br
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/	58 KB 11 KB	26ms 11ms	Stylesheet text/css	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://netflix.bariscancifci.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 352789 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10472 cf-request-id 08687fa20b00004ea35baa0000000001 timing-allow-origin * last-modified Wed, 13 Jan 2021 22:29:05 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5fff7431-e7d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9bM26A%2B6QfEt8%2BoRCyZycF%2By6ukvj02t%2FmIjfddW0nQoWgd8fc2hOQJBMEFcF83E16yJTKHrk96oa3lzATtfZElMxXyrIuGiShCpZMRHPuUNV5veUJ6%2B2uXr7bPN3PJbUw%3D%3D"}],"max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 62543549aec34ea3-FRA expires Fri, 11 Feb 2022 23:22:13 GMT
GET H2	200	style.css netflix.bariscancifci.com/css/	4 KB 1 KB	13ms 13ms	Stylesheet text/css	2606:4700:3032::6815:4c21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://netflix.bariscancifci.com/css/style.css Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4c21 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f1baf19d3bcbe4d39786e09f8b1f8962c8170ffe34af48d2cfbbbfc4f8d5c5c6 Request headers Referer https://netflix.bariscancifci.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT content-encoding br cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 10964 cf-polished origSize=5220 cf-bgj minify cf-request-id 08687fa1fd0000074a04bde000000001 last-modified Sun, 21 Feb 2021 18:26:20 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xe%2BuzrfIP4KxLIOO3OJ4Rv5Ie3%2F3ddJzGd7DV1rsz6F0VwNUfjPNmCHEBYQ3d8vPjntE9DaP7kxsPeWBVthmClGxyI%2F8hPexbVxcXZ8aeNTy0yZ0Fm33UuiB%2B0tqL73oEJifDlSt"}],"max_age":604800} content-type text/css cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed cf-ray 625435499eb1074a-FRA expires Sun, 28 Feb 2021 20:19:26 GMT
GET H2	200	Netflix_logo.svg netflix.bariscancifci.com/img/	2 KB 1 KB	237ms 237ms	Image image/svg+xml	2606:4700:3032::6815:4c21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netflix.bariscancifci.com/img/Netflix_logo.svg Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4c21 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c7f7a822e8327a5e43154257465d2b347446ed7ae71dc1cbb62d34bebfe5a702 Request headers Referer https://netflix.bariscancifci.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT content-encoding br cf-cache-status MISS last-modified Sun, 21 Feb 2021 18:26:44 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FqWCex%2FOBmyx1hlTM7vVTvGT1T2fynVkqA2Frg4DxSX3%2Bi7elGR1Q5A%2B1dO53Ko6TK5yU7l34fMErKJkJHpfYYoEFzEEc9GQ2H2PIGd5QyHCLj9ni9fRyxo2mCQksraw1aXAeuVu"}],"max_age":604800} content-type image/svg+xml cache-control public, max-age=604800 nel {"report_to":"cf-nel","max_age":604800} x-turbo-charged-by LiteSpeed cf-ray 625435499eb5074a-FRA cf-request-id 08687fa1fd0000074a1232f000000001 expires Sun, 28 Feb 2021 23:22:12 GMT
GET H2	200	i8cNIG9xC8sLhYEpXE Show response giphy.com/embed/ Frame 232E	13 KB 3 KB	168ms 112ms	Document text/html	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/embed/i8cNIG9xC8sLhYEpXE Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash f1ec924392691f7fc2f78a37ac6f7795d6e72d8eb7321704a78655e94e21a9f9 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers :method GET :authority giphy.com :scheme https :path /embed/i8cNIG9xC8sLhYEpXE pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://netflix.bariscancifci.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://netflix.bariscancifci.com/ Response headers cache-control s-maxage=3600, no-cache, max-age=0, must-revalidate content-encoding gzip content-type text/html server nginx via 1.1 varnish, 1.1 varnish accept-ranges bytes date Sun, 21 Feb 2021 23:22:13 GMT age 3036 strict-transport-security max-age=86400 x-served-by cache-bwi5128-BWI, cache-hhn4040-HHN x-cache HIT, MISS x-cache-hits 1, 0 x-timer S1613949733.445914,VS0,VE86 vary Accept-Encoding, X-UA-Device, Fastly-SSL content-length 2863
GET H2	200	IGwT7O82uAQa3ycFYk Show response giphy.com/embed/ Frame EEB5	13 KB 3 KB	338ms 284ms	Document text/html	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/embed/IGwT7O82uAQa3ycFYk Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 6ccf63a125a8521a4cfaf52d3557a1b1e1347273f24c9f9155af2a7508410618 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers :method GET :authority giphy.com :scheme https :path /embed/IGwT7O82uAQa3ycFYk pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://netflix.bariscancifci.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://netflix.bariscancifci.com/ Response headers cache-control s-maxage=3600, no-cache, max-age=0, must-revalidate content-encoding gzip content-type text/html server nginx via 1.1 varnish, 1.1 varnish accept-ranges bytes date Sun, 21 Feb 2021 23:22:13 GMT age 0 strict-transport-security max-age=86400 x-served-by cache-bwi5146-BWI, cache-hhn4040-HHN x-cache MISS, MISS x-cache-hits 0, 0 x-timer S1613949733.445898,VS0,VE257 vary Accept-Encoding, X-UA-Device, Fastly-SSL content-length 2908
GET H2	200	l1J3F47tzXOa64BTq Show response giphy.com/embed/ Frame 8367	12 KB 3 KB	165ms 111ms	Document text/html	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/embed/l1J3F47tzXOa64BTq Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 7a8cc38e0d9a07f0cbf18e3d71874334dbe82c5b7f47de776775bd880c13f4e0 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers :method GET :authority giphy.com :scheme https :path /embed/l1J3F47tzXOa64BTq pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://netflix.bariscancifci.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://netflix.bariscancifci.com/ Response headers cache-control s-maxage=3600, no-cache, max-age=0, must-revalidate content-encoding gzip content-type text/html server nginx via 1.1 varnish, 1.1 varnish accept-ranges bytes date Sun, 21 Feb 2021 23:22:13 GMT age 3036 strict-transport-security max-age=86400 x-served-by cache-bwi5178-BWI, cache-hhn4040-HHN x-cache HIT, MISS x-cache-hits 1, 0 x-timer S1613949733.445885,VS0,VE85 vary Accept-Encoding, X-UA-Device, Fastly-SSL content-length 2780
GET H2	200	netflix-bg.jpg netflix.bariscancifci.com/img/	926 KB 927 KB	378ms 377ms	Image image/jpeg	2606:4700:3032::6815:4c21 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://netflix.bariscancifci.com/img/netflix-bg.jpg Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4c21 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 95bfebed42a91453aafbf61a5f450c3977f4d65ac1de9b89e6eaaaac9453d8ef Request headers Referer https://netflix.bariscancifci.com/css/style.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT cf-cache-status MISS nel {"report_to":"cf-nel","max_age":604800} content-length 948188 cf-request-id 08687fa21e0000074aee8f7000000001 last-modified Sun, 21 Feb 2021 18:27:05 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ico%2FequzvoOynzrpwBUVGIUmIo%2BMQoJ6n4qt6u2E9LiJRjYeZF9ZjxASkECU6J7eyCPp2fwnhgCl%2Fy%2FWs7lOETjP4o537pgH3s7Qch0u2Y%2F503rOY5g%2BOk7dU%2BlXZ1MJ1wQ5yDYR"}],"max_age":604800} content-type image/jpeg cache-control public, max-age=604800 x-turbo-charged-by LiteSpeed accept-ranges bytes cf-ray 62543549cefa074a-FRA expires Sun, 28 Feb 2021 23:22:12 GMT
GET H2	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/	78 KB 79 KB	25ms 12ms	Font application/octet-stream	2606:4700::6810:125e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Origin https://netflix.bariscancifci.com Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT x-content-type-options nosniff cf-cache-status HIT nel {"report_to":"cf-nel","max_age":604800} age 585559 cross-origin-resource-policy cross-origin alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 80252 cf-request-id 08687fa22c00001762768f2000000001 timing-allow-origin * last-modified Wed, 13 Jan 2021 22:29:06 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5fff7432-1397c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hXsOBl%2FB8aiUmfcUV0TSg0xy5xPuxKvQtshmS7cJ7%2BJg%2BQoiDjnNGdoGadG1BD1x17aMm4ajf2c%2FEhpEdVFxu%2BNjjo8oaBsh%2BJ4alFMZS6Vc8zf1MnhyTmasXKGeohJAVg%3D%3D"}],"max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 62543549de171762-FRA expires Fri, 11 Feb 2022 23:22:13 GMT
GET H2	200	runtime.82d87416.bundle.js Show response giphy.com/static/dist/ Frame 8367	7 KB 3 KB	27ms 26ms	Script application/javascript	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/static/dist/runtime.82d87416.bundle.js Requested by Host: giphy.com URL: https://giphy.com/embed/l1J3F47tzXOa64BTq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c5a08cb870027704205e62d25c55e76308b2e9195b3648c01a37d04ea5467450 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 267350 x-cache HIT, HIT content-encoding gzip content-length 2395 x-served-by cache-bwi5165-BWI, cache-hhn4040-HHN last-modified Thu, 18 Feb 2021 20:58:00 GMT server nginx x-timer S1613949734.564718,VS0,VE0 etag W/"be9574d1f930946e170f8285d126db9d" strict-transport-security max-age=86400 content-type application/javascript cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 5315
GET H2	200	gifEmbed.239bac7f.bundle.js Show response giphy.com/static/dist/ Frame 8367	534 KB 177 KB	27ms 27ms	Script application/javascript	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/static/dist/gifEmbed.239bac7f.bundle.js Requested by Host: giphy.com URL: https://giphy.com/embed/l1J3F47tzXOa64BTq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 2ff9dae4dd8de81a8ce2d137cfa61e9b8dcb7849471ed1b1ae2a75b2a5779c57 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 286151 x-cache HIT, HIT content-encoding gzip content-length 181006 x-served-by cache-bwi5157-BWI, cache-hhn4040-HHN last-modified Thu, 18 Feb 2021 15:41:10 GMT server nginx x-timer S1613949734.564717,VS0,VE0 etag W/"03a10f3b14e11af942eefe904a8a849e" strict-transport-security max-age=86400 content-type application/javascript cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 2
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 8367	46 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: giphy.com URL: https://giphy.com/embed/l1J3F47tzXOa64BTq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 5461 date Sun, 21 Feb 2021 21:51:12 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Sun, 21 Feb 2021 23:51:12 GMT
GET H2	200	200w_s.gif media3.giphy.com/media/l1J3F47tzXOa64BTq/ Frame 8367	16 KB 16 KB	95ms 29ms	Image image/gif	151.101.114.2
General Check archive.org Show headers Download Go to Show image Full URL https://media3.giphy.com/media/l1J3F47tzXOa64BTq/200w_s.gif?cid=790b7611e802f4bb432a261be1d945d396f9fe2a2197f8f8&rid=200w_s.gif Requested by Host: giphy.com URL: https://giphy.com/embed/l1J3F47tzXOa64BTq Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash bd9433b692f320542eaffce3c6765b7cc1317fad91bfbe3345013cc301d618f6 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish age 1500614 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 15947 x-served-by cache-bwi5133-BWI, cache-hhn4046-HHN last-modified Wed, 13 Mar 2019 22:01:30 GMT x-timer S1613949734.637410,VS0,VE1 etag "05cabb3d57d9255aab5d2262de0855de" strict-transport-security max-age=86400 content-type image/gif access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	runtime.82d87416.bundle.js Show response giphy.com/static/dist/ Frame 232E	7 KB 2 KB	84ms 84ms	Script application/javascript	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/static/dist/runtime.82d87416.bundle.js Requested by Host: giphy.com URL: https://giphy.com/embed/i8cNIG9xC8sLhYEpXE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c5a08cb870027704205e62d25c55e76308b2e9195b3648c01a37d04ea5467450 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/i8cNIG9xC8sLhYEpXE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 267350 x-cache HIT, HIT content-encoding gzip content-length 2395 x-served-by cache-bwi5165-BWI, cache-hhn4040-HHN last-modified Thu, 18 Feb 2021 20:58:00 GMT server nginx x-timer S1613949734.572186,VS0,VE0 etag W/"be9574d1f930946e170f8285d126db9d" strict-transport-security max-age=86400 content-type application/javascript cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 5316
GET H2	200	gifEmbed.239bac7f.bundle.js Show response giphy.com/static/dist/ Frame 232E	534 KB 177 KB	84ms 84ms	Script application/javascript	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/static/dist/gifEmbed.239bac7f.bundle.js Requested by Host: giphy.com URL: https://giphy.com/embed/i8cNIG9xC8sLhYEpXE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 2ff9dae4dd8de81a8ce2d137cfa61e9b8dcb7849471ed1b1ae2a75b2a5779c57 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/i8cNIG9xC8sLhYEpXE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 286151 x-cache HIT, HIT content-encoding gzip content-length 181006 x-served-by cache-bwi5157-BWI, cache-hhn4040-HHN last-modified Thu, 18 Feb 2021 15:41:10 GMT server nginx x-timer S1613949734.572346,VS0,VE0 etag W/"03a10f3b14e11af942eefe904a8a849e" strict-transport-security max-age=86400 content-type application/javascript cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 3
GET H2	200	analytics.js Show response www.google-analytics.com/ Frame 232E	46 KB 19 KB	6ms 5ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: giphy.com URL: https://giphy.com/embed/i8cNIG9xC8sLhYEpXE Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://giphy.com/embed/i8cNIG9xC8sLhYEpXE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 5461 date Sun, 21 Feb 2021 21:51:12 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Sun, 21 Feb 2021 23:51:12 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/ Frame 8367	4 B 84 B	12ms 12ms	XHR text/plain	2a00:1450:400c:c0c::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-38174542-5&cid=156574212.1613949734&jid=1540550869&gjid=1165504964&_gid=1182783186.1613949734&_u=IGBAgEABAAAAAE~&z=88371000 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Sun, 21 Feb 2021 23:22:13 GMT content-type text/plain access-control-allow-origin https://giphy.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-Q050	200	collect www.google-analytics.com/ Frame 8367	35 B 121 B	6ms 6ms	Image image/gif	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j88&a=2092620646&t=pageview&_s=1&dl=https%3A%2F%2Fgiphy.com%2Fembed%2Fl1J3F47tzXOa64BTq&dr=https%3A%2F%2Fnetflix.bariscancifci.com%2F&ul=en-us&de=UTF-8&dt=How%20I%20Met%20Your%20Mother%20Cheers%20GIF%20by%20WGN%20America%20-%20Find%20%26%20Share%20on%20GIPHY&sd=24-bit&sr=1600x1200&vp=480x270&je=0&_u=IGBAgEAB~&jid=1540550869&gjid=1165504964&cid=156574212.1613949734&tid=UA-38174542-5&_gid=1182783186.1613949734&z=2074844033 Requested by Host: giphy.com URL: https://giphy.com/embed/l1J3F47tzXOa64BTq Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 21 Feb 2021 22:39:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 2590 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	200w_s.gif media1.giphy.com/media/i8cNIG9xC8sLhYEpXE/ Frame 232E	17 KB 17 KB	44ms 42ms	Image image/gif	151.101.114.2
General Check archive.org Show headers Download Go to Show image Full URL https://media1.giphy.com/media/i8cNIG9xC8sLhYEpXE/200w_s.gif?cid=790b76116dc3becfb4de9ceb8f524f1e5c7ee17d6695fa9a&rid=200w_s.gif Requested by Host: giphy.com URL: https://giphy.com/embed/i8cNIG9xC8sLhYEpXE Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash 48aeac8f110962ae43e1ea068a73556bb1f0bc48a8bcb19160f79af46b190fa1 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/i8cNIG9xC8sLhYEpXE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish age 826090 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 16941 x-served-by cache-bwi5182-BWI, cache-hhn4046-HHN last-modified Thu, 19 Nov 2020 18:44:36 GMT x-timer S1613949734.708113,VS0,VE14 etag "8bf4a7b22aaeec8165bdeb8c78c7980e" strict-transport-security max-age=86400 content-type image/gif access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-cache-hits 1, 1
GET H3-Q050	200	collect www.google-analytics.com/ Frame 232E	35 B 58 B	6ms 6ms	Image image/gif	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j88&a=2061546512&t=pageview&_s=1&dl=https%3A%2F%2Fgiphy.com%2Fembed%2Fi8cNIG9xC8sLhYEpXE&dr=https%3A%2F%2Fnetflix.bariscancifci.com%2F&ul=en-us&de=UTF-8&dt=Dance%20Dancing%20GIF%20by%20NETFLIX%20-%20Find%20%26%20Share%20on%20GIPHY&sd=24-bit&sr=1600x1200&vp=480x270&je=0&_u=ACCAgEAB~&jid=&gjid=&cid=156574212.1613949734&tid=UA-38174542-5&_gid=1182783186.1613949734&z=655869129 Requested by Host: giphy.com URL: https://giphy.com/embed/i8cNIG9xC8sLhYEpXE Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://giphy.com/embed/i8cNIG9xC8sLhYEpXE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 21 Feb 2021 22:39:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 2590 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.com/ads/ Frame 8367	42 B 107 B	17ms 17ms	Image image/gif	2a00:1450:4001:82a::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-38174542-5&cid=156574212.1613949734&jid=1540550869&_u=IGBAgEABAAAAAE~&z=209305752 Requested by Host: giphy.com URL: https://giphy.com/embed/l1J3F47tzXOa64BTq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 21 Feb 2021 23:22:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/ Frame 8367	42 B 107 B	18ms 17ms	Image image/gif	2a00:1450:4001:828::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-38174542-5&cid=156574212.1613949734&jid=1540550869&_u=IGBAgEABAAAAAE~&z=209305752 Requested by Host: giphy.com URL: https://giphy.com/embed/l1J3F47tzXOa64BTq Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 21 Feb 2021 23:22:13 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame 8367	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame 8367	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame 232E	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame 232E	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	giphy.webp media3.giphy.com/media/l1J3F47tzXOa64BTq/ Frame 8367	263 KB 263 KB	31ms 30ms	Image image/webp	151.101.114.2
General Check archive.org Show headers Download Go to Show image Full URL https://media3.giphy.com/media/l1J3F47tzXOa64BTq/giphy.webp?cid=790b7611e802f4bb432a261be1d945d396f9fe2a2197f8f8&rid=giphy.webp Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash c3f2e3b0ec1b8f2bbec6986adf8ca2ca7a6a8cedf45d5f0a6824e1ff7cb418f0 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/l1J3F47tzXOa64BTq User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish age 1452726 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 268918 x-served-by cache-bwi5153-BWI, cache-hhn4046-HHN last-modified Wed, 13 Mar 2019 22:01:30 GMT x-timer S1613949734.885121,VS0,VE2 etag "21a110a7adec35d048eb3afb843fb5f9" strict-transport-security max-age=86400 content-type image/webp access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-cache-hits 24, 1
GET H2	200	giphy.webp media1.giphy.com/media/i8cNIG9xC8sLhYEpXE/ Frame 232E	746 KB 747 KB	116ms 115ms	Image image/webp	151.101.114.2
General Check archive.org Show headers Download Go to Show image Full URL https://media1.giphy.com/media/i8cNIG9xC8sLhYEpXE/giphy.webp?cid=790b76116dc3becfb4de9ceb8f524f1e5c7ee17d6695fa9a&rid=giphy.webp Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash 358bc2539b9c2b93f1f150296a0b12cede06e956205e8a37ab3d9283162ea4f3 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/i8cNIG9xC8sLhYEpXE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish age 0 x-cache HIT, MISS cross-origin-resource-policy cross-origin content-length 764034 x-served-by cache-bwi5162-BWI, cache-hhn4046-HHN last-modified Thu, 19 Nov 2020 18:44:36 GMT x-timer S1613949734.887647,VS0,VE86 etag "eea0636baa752a50f7c748b2e70ddfea" strict-transport-security max-age=86400 content-type image/webp access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-cache-hits 1, 0
GET H2	200	verified-badge.svg giphy.com/static/img/embeds/ Frame 232E	1 KB 840 B	27ms 26ms	Image image/svg+xml	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://giphy.com/static/img/embeds/verified-badge.svg Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 1617c840923e70e362d2a97fe41721a94a696ffb76a7d5060db81797d765f82d Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/i8cNIG9xC8sLhYEpXE User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 665700 x-cache HIT, HIT content-encoding gzip content-length 643 x-served-by cache-bwi5163-BWI, cache-hhn4040-HHN last-modified Thu, 13 Feb 2020 23:22:40 GMT server nginx x-timer S1613949734.885827,VS0,VE0 etag "67e92a504578b0e855753b215a0a498a" strict-transport-security max-age=86400 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 8209, 4520
GET H2	200	runtime.82d87416.bundle.js Show response giphy.com/static/dist/ Frame EEB5	7 KB 3 KB	26ms 26ms	Script application/javascript	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/static/dist/runtime.82d87416.bundle.js Requested by Host: giphy.com URL: https://giphy.com/embed/IGwT7O82uAQa3ycFYk Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash c5a08cb870027704205e62d25c55e76308b2e9195b3648c01a37d04ea5467450 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/IGwT7O82uAQa3ycFYk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 267351 x-cache HIT, HIT content-encoding gzip content-length 2395 x-served-by cache-bwi5165-BWI, cache-hhn4040-HHN last-modified Thu, 18 Feb 2021 20:58:00 GMT server nginx x-timer S1613949734.886235,VS0,VE0 etag W/"be9574d1f930946e170f8285d126db9d" strict-transport-security max-age=86400 content-type application/javascript cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 5317
GET H2	200	gifEmbed.239bac7f.bundle.js Show response giphy.com/static/dist/ Frame EEB5	534 KB 177 KB	27ms 26ms	Script application/javascript	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Full URL https://giphy.com/static/dist/gifEmbed.239bac7f.bundle.js Requested by Host: giphy.com URL: https://giphy.com/embed/IGwT7O82uAQa3ycFYk Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 2ff9dae4dd8de81a8ce2d137cfa61e9b8dcb7849471ed1b1ae2a75b2a5779c57 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/IGwT7O82uAQa3ycFYk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 286151 x-cache HIT, HIT content-encoding gzip content-length 181006 x-served-by cache-bwi5157-BWI, cache-hhn4040-HHN last-modified Thu, 18 Feb 2021 15:41:10 GMT server nginx x-timer S1613949734.886408,VS0,VE0 etag W/"03a10f3b14e11af942eefe904a8a849e" strict-transport-security max-age=86400 content-type application/javascript cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 1, 4
GET H3-Q050	200	analytics.js Show response www.google-analytics.com/ Frame EEB5	46 KB 19 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: giphy.com URL: https://giphy.com/embed/IGwT7O82uAQa3ycFYk Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://giphy.com/embed/IGwT7O82uAQa3ycFYk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 05 Feb 2021 21:33:27 GMT server Golfe2 age 5461 date Sun, 21 Feb 2021 21:51:12 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 18980 expires Sun, 21 Feb 2021 23:51:12 GMT
GET H2	200	200w_s.gif media2.giphy.com/media/IGwT7O82uAQa3ycFYk/ Frame EEB5	18 KB 18 KB	79ms 78ms	Image image/gif	151.101.114.2
General Check archive.org Show headers Download Go to Show image Full URL https://media2.giphy.com/media/IGwT7O82uAQa3ycFYk/200w_s.gif?cid=790b761136ea951b3e1eee2e64ea99e5950dd08234bdbcd3&rid=200w_s.gif Requested by Host: giphy.com URL: https://giphy.com/embed/IGwT7O82uAQa3ycFYk Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash 75267dba95b821d351b7581cc3c2104d6faa351c52d8299900291c121e19da95 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/IGwT7O82uAQa3ycFYk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish age 660056 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 17943 x-served-by cache-bwi5159-BWI, cache-hhn4046-HHN last-modified Fri, 12 Feb 2021 21:00:37 GMT x-timer S1613949734.892425,VS0,VE1 etag "2001bc2d57f384f8f732ac2866545420" strict-transport-security max-age=86400 content-type image/gif access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-cache-hits 1, 1
GET H3-Q050	200	collect www.google-analytics.com/ Frame EEB5	35 B 58 B	6ms 6ms	Image image/gif	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j88&a=1348759429&t=pageview&_s=1&dl=https%3A%2F%2Fgiphy.com%2Fembed%2FIGwT7O82uAQa3ycFYk&dr=https%3A%2F%2Fnetflix.bariscancifci.com%2F&ul=en-us&de=UTF-8&dt=Scared%20Bear%20Grylls%20GIF%20by%20NETFLIX%20-%20Find%20%26%20Share%20on%20GIPHY&sd=24-bit&sr=1600x1200&vp=480x270&je=0&_u=ACCAgEAB~&jid=&gjid=&cid=156574212.1613949734&tid=UA-38174542-5&_gid=1182783186.1613949734&z=2143966863 Requested by Host: giphy.com URL: https://giphy.com/embed/IGwT7O82uAQa3ycFYk Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://giphy.com/embed/IGwT7O82uAQa3ycFYk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers pragma no-cache date Sun, 21 Feb 2021 22:39:03 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 2590 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET DATA	200 OK	truncated / Frame EEB5	90 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame EEB5	66 B 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79 Request headers Referer User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Content-Type image/webp
GET H2	200	verified-badge.svg giphy.com/static/img/embeds/ Frame EEB5	1 KB 784 B	26ms 26ms	Image image/svg+xml	151.101.1.185 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://giphy.com/static/img/embeds/verified-badge.svg Requested by Host: giphy.com URL: https://giphy.com/static/dist/gifEmbed.239bac7f.bundle.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.1.185 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 1617c840923e70e362d2a97fe41721a94a696ffb76a7d5060db81797d765f82d Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/IGwT7O82uAQa3ycFYk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish vary Accept-Encoding, X-UA-Device, Fastly-SSL age 665700 x-cache HIT, HIT content-encoding gzip content-length 643 x-served-by cache-bwi5163-BWI, cache-hhn4040-HHN last-modified Thu, 13 Feb 2020 23:22:40 GMT server nginx x-timer S1613949734.977949,VS0,VE0 etag "67e92a504578b0e855753b215a0a498a" strict-transport-security max-age=86400 content-type image/svg+xml cache-control public, max-age=31536000 accept-ranges bytes x-cache-hits 8209, 4521
GET H2	200	giphy.webp media2.giphy.com/media/IGwT7O82uAQa3ycFYk/ Frame EEB5	972 KB 972 KB	28ms 28ms	Image image/webp	151.101.114.2
General Check archive.org Show headers Download Go to Show image Full URL https://media2.giphy.com/media/IGwT7O82uAQa3ycFYk/giphy.webp?cid=790b761136ea951b3e1eee2e64ea99e5950dd08234bdbcd3&rid=giphy.webp Requested by Host: netflix.bariscancifci.com URL: https://netflix.bariscancifci.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.2 Frankfurt am Main, Germany, ASN (), Reverse DNS Software / Resource Hash 216b198592fa15983c818d4fac04ad05896ba1c53704078a3712507d8d89e466 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://giphy.com/embed/IGwT7O82uAQa3ycFYk User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sun, 21 Feb 2021 23:22:13 GMT via 1.1 varnish, 1.1 varnish age 660054 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 994958 x-served-by cache-bwi5182-BWI, cache-hhn4046-HHN last-modified Fri, 12 Feb 2021 21:00:37 GMT x-timer S1613949734.980062,VS0,VE1 etag "6b923fa9f5d7a5fe42bc2d71125886b1" strict-transport-security max-age=86400 content-type image/webp access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes x-cache-hits 1, 1

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Netflix (Online)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.giphy.com/	1970-01-19 16:20:36	Name: _gid Value: GA1.2.1182783186.1613949734
			.giphy.com/	1970-01-20 09:50:21	Name: _ga Value: GA1.2.156574212.1613949734
			.giphy.com/	1970-01-19 16:19:09	Name: _gat Value: 1
			.bariscancifci.com/	1970-01-19 17:02:21	Name: __cfduid Value: d6c04477f02d2517a8ea6c5a91a44f6fc1613949733

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
giphy.com
media1.giphy.com
media2.giphy.com
media3.giphy.com
netflix.bariscancifci.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
151.101.1.185
151.101.114.2
2606:4700:3032::6815:4c21
2606:4700::6810:125e
2a00:1450:4001:800::200e
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2004
2a00:1450:400c:c0c::9c
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1617c840923e70e362d2a97fe41721a94a696ffb76a7d5060db81797d765f82d
216b198592fa15983c818d4fac04ad05896ba1c53704078a3712507d8d89e466
2ff9dae4dd8de81a8ce2d137cfa61e9b8dcb7849471ed1b1ae2a75b2a5779c57
30a037508e0f32ee85b1b723170a685508005e7051713610fda56bcfd0181917
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
358bc2539b9c2b93f1f150296a0b12cede06e956205e8a37ab3d9283162ea4f3
48aeac8f110962ae43e1ea068a73556bb1f0bc48a8bcb19160f79af46b190fa1
6ccf63a125a8521a4cfaf52d3557a1b1e1347273f24c9f9155af2a7508410618
75267dba95b821d351b7581cc3c2104d6faa351c52d8299900291c121e19da95
7a8cc38e0d9a07f0cbf18e3d71874334dbe82c5b7f47de776775bd880c13f4e0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
95bfebed42a91453aafbf61a5f450c3977f4d65ac1de9b89e6eaaaac9453d8ef
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
bd9433b692f320542eaffce3c6765b7cc1317fad91bfbe3345013cc301d618f6
c3f2e3b0ec1b8f2bbec6986adf8ca2ca7a6a8cedf45d5f0a6824e1ff7cb418f0
c5a08cb870027704205e62d25c55e76308b2e9195b3648c01a37d04ea5467450
c7f7a822e8327a5e43154257465d2b347446ed7ae71dc1cbb62d34bebfe5a702
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1baf19d3bcbe4d39786e09f8b1f8962c8170ffe34af48d2cfbbbfc4f8d5c5c6
f1ec924392691f7fc2f78a37ac6f7795d6e72d8eb7321704a78655e94e21a9f9